Strange firewall behavior



  • Have strange behavior going on. After playing with this, frankly I'm stumped.

    Network setup. All routers pfSense. 2 sites. Site A has 1 router/1 WAN (Router A). Site B has 2 routers/2 WAN (1 each) (Router B & C).

    Router A 192.168.1.1/24
    Router B 10.0.0.1/24
    Router C 10.0.0.3/24

    Router A has an IPsec VPN to Router B. Set to pass entire /24 network.

    I have one server whose default gateway is Router C. I have Router C programmed with a gateway to Router B (10.0.0.1). Also with a route for 192.168.1.0/24 to go to gateway/Router B.

    On Router C, I have a standard LAN firewall rule allow any any.

    The strange part is I have firewall logs showing blocked traffic from 10.0.0.101 to 192.168.1.200.

    Shouldn't the standard LAN rule allow the traffic, and shouldn't the route send that traffic over to Router B? Why the log entry?



  • Router B and C both have the same LAN subnet - unless you know exactly what you're doing that will cause you problems, and may be the cause of the problems you're seeing.



  • I'm sure it's something simple I'm missing.

    I even changed the gateway within the firewall rule itself and was still getting deny logs. Arg!!!!

